Page 17 - Threat Intelligence 9-24-2019

VMware Releases Security Updates for Multiple Products
             VMware has released security updates to address vulnerabilities affecting multiple products. An
             attacker could exploit some of these vulnerabilities to take control of an affected system.
             The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to
             review VMware Security Advisory VMSA-2019-0014 and apply the necessary updates.


             North Korean Malicious Cyber Activity
             The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation
             (FBI) have identified two malware variants—referred to as ELECTRICFISH and BADCALL—used by
             the North Korean government. The U.S. Government refers to malicious cyber activity by the North
             Korean government as HIDDEN COBRA. CISA encourages users and administrators to review the
             HIDDEN COBRA - North Korean Malicious Cyber Activity page, which contains links to Malware
             Analysis Reports MAR-10135536-21 and MAR-10135536-10, for more information.


             Adobe Releases Security Updates
             Adobe has released security updates to address vulnerabilities affecting Flash Player and
             Application Manager. An attacker could exploit these vulnerabilities to take control of an affected
             system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and
             administrators to review Adobe Security Bulletins APSB19-45 and APSB19-46 and apply the
             necessary updates.

             Intel Releases Security Updates
             Intel has released security updates to address vulnerabilities in multiple products. An attacker could
             exploit one of these vulnerabilities to escalate privileges on a previously infected
             machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and
             administrators to review Intel's Security Advisories INTEL-SA-00290 and INTEL-SA-00285 and apply
             the necessary updates.



             Vulnerabilities and Indicators of Compromise


                    ➢ Weekly Vulnerability Summary from US-CERT
                    ➢ Talos weekly alerts
                    ➢ ESET discovered an undocumented backdoor used by the infamous Stealth Falcon group
                    ➢ Cyber-security incident at US power grid entity linked to unpatched firewalls
                    ➢ Critical Exim flaw opens servers to remote code execution, patch now!
                    ➢ Microsoft Phishing Page Uses Captcha to Bypass Automated Detection
                    ➢ PsiXBot Adds PornModule, Google DNS Service to Its Arsenal
                    ➢ Evolution of Malware Sandbox Evasion Tactics – A Retrospective Study
                    ➢ IoT Attack Opportunities Seen in the Cybercrime Underground









             “If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked.”
             ― Richard Clarke